CVE

Id
12872  
CVE No.
CVE-2005-1666  
Status
Candidate  
Description
Multiple buffer overflows in Orenosv HTTP/FTP Server 0.8.1 allow remote authenticated users to cause a denial of service (server crash) and possibly execute arbitrary code via long arguments to FTP commands such as MKD, RMD, or DELE, which are processed by the (1) ftp_xlate_path, (2) ftp_is_canonical, or (3) os_fn_nativize functions, or (4) a long SSI command that is processed by the parse_cmd function in cgissi.exe.  
Phase
Assigned (20050518)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
92624 12872 CVE-2005-1666 MISC:http://www.security.org.sg/vuln/orenosv081.html  View
92625 12872 CVE-2005-1666 MISC:http://www.securiteam.com/windowsntfocus/5FP0H00FPS.html  View
92626 12872 CVE-2005-1666 CONFIRM:http://hp.vector.co.jp/authors/VA027031/orenosv/index_en.html  View
92627 12872 CVE-2005-1666 BID:13546  View
92628 12872 CVE-2005-1666 URL:http://www.securityfocus.com/bid/13546  View
92629 12872 CVE-2005-1666 BID:13549  View
92630 12872 CVE-2005-1666 URL:http://www.securityfocus.com/bid/13549  View
92631 12872 CVE-2005-1666 VUPEN:ADV-2005-0499  View
92632 12872 CVE-2005-1666 URL:http://www.vupen.com/english/advisories/2005/0499  View
92633 12872 CVE-2005-1666 OSVDB:16165  View
92634 12872 CVE-2005-1666 URL:http://www.osvdb.org/16165  View
92635 12872 CVE-2005-1666 OSVDB:16166  View
92636 12872 CVE-2005-1666 URL:http://www.osvdb.org/16166  View
92637 12872 CVE-2005-1666 SECTRACK:1013923  View
92638 12872 CVE-2005-1666 URL:http://securitytracker.com/id?1013923  View
92639 12872 CVE-2005-1666 SECUNIA:15302  View
92640 12872 CVE-2005-1666 URL:http://secunia.com/advisories/15302  View
92641 12872 CVE-2005-1666 XF:orenosv-http-ftp-commands-bo(20510)  View
92642 12872 CVE-2005-1666 URL:http://xforce.iss.net/xforce/xfdb/20510  View
92643 12872 CVE-2005-1666 XF:orenosv-http-ftp-cgissi-bo(20512)  View

Related JVN